CN109413017A - A kind of method and system managing isomery firewall - Google Patents
A kind of method and system managing isomery firewall Download PDFInfo
- Publication number
- CN109413017A CN109413017A CN201810399642.1A CN201810399642A CN109413017A CN 109413017 A CN109413017 A CN 109413017A CN 201810399642 A CN201810399642 A CN 201810399642A CN 109413017 A CN109413017 A CN 109413017A
- Authority
- CN
- China
- Prior art keywords
- firewall
- target
- security strategy
- parsing result
- parsing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
Abstract
The application provides a kind of method and system for managing isomery firewall, and the security strategy configuration file of each firewall in isomery firewall is acquired by collection terminal;Collection terminal determines the brand of firewall by the identification information for including in security strategy configuration file, then calls resolver corresponding with the brand of the firewall;Resolver parses the security strategy combination for including in security strategy configuration file, obtains parsing result;Terminal device obtains the parsing result of each resolver, and according to the brand of firewall and/or IP address classification display parsing result.The application can in a terminal device in centralized displaying isomery firewall each firewall security strategy, therefore, method and system provided by the embodiments of the present application solve in the prior art, in checking isomery firewall when the security strategy of each firewall, it needs multiple terminal devices and leads to higher cost, and the problem of needing successively to check multiple terminal devices, expending time and manpower.
Description
Technical field
This application involves computer network security applied technical fields, and in particular to a method of management isomery firewall
And system.
Background technique
Firewall belongs to network safety system, is set between intranet and extranets.The safety for including using firewall
Strategy can be realized and control the network mutual access across firewall, while realizing and controlling the access of firewall itself,
Protect intranet from the intrusion of illegal user in extranets.Since the firewall of different brands is in protected object and security strategy
Aspect has differences, and therefore, the firewall of setting different brands, different product is usually required between the same intranet different tissues
The firewall of board is combined into isomery firewall.
Firewall plays an important role for network security, therefore sometimes for checking each fire prevention in isomery firewall
The security strategy of wall.In the prior art, since the security strategy that the firewall of different brands is included exists on describing mode
Difference, therefore, it is necessary to the security strategy of each firewall is checked in management system identical with the brand.In isomery firewall
Each firewall be connected respectively with the identical management system of firewall brand, management system obtain same brand fire prevention
The security strategy configuration file of wall reads the security strategy for including in security strategy configuration file and display.
But inventor has found in the research process of the application, each management system includes at least a terminal device,
So as to terminal device show firewall security strategy configuration file in include security strategy, and the cost of terminal device compared with
Height when causing to check the security strategy of isomery firewall by the prior art, needs higher cost, also, check safety
It when tactful, needs successively to check multiple terminal devices, expends time and manpower.
Summary of the invention
The application provides a kind of method and system for managing isomery firewall, to solve check isomery in the prior art
It in firewall when the security strategy of each firewall, needs multiple terminal devices and leads to higher cost, and need successively to look into
The problem of seeing multiple terminal devices, expending time and manpower.
The application's in a first aspect, provide a kind of method for managing isomery firewall, comprising:
Collection terminal acquires the security strategy configuration file of each firewall in isomery firewall, and reads the security strategy
The identification information for including in configuration file;
The collection terminal determines the brand of the firewall by the identification information;
The collection terminal calls resolver corresponding with the brand of the firewall;
The resolver parses the security strategy combination for including in the security strategy configuration file, is parsed
As a result;
Terminal device obtains the parsing result of each resolver, and according to the brand of the firewall and/or IP
Location classification shows the parsing result.
Optionally, the collection terminal determines the brand of the firewall by the identification information, comprising:
The collection terminal determines the identification information pair according to the relationship of identification information database identification information and brand
The brand answered, using the corresponding brand of the identification information as the brand of the firewall.
Optionally, the resolver parses the security strategy combination for including in the security strategy configuration file,
Obtain parsing result, comprising:
The resolver obtains the security strategy combination for including in the security strategy configuration file;
The resolver is grouped security strategy combination, wherein each corresponding safe plan of the grouping
A security strategy slightly in combination;
The resolver extracts the characteristic information for including in each grouping;
The characteristic information is converted security strategy identical with preset describing mode by the resolver, by institute
Security strategy identical with preset describing mode is stated as parsing result.
Optionally, in collection terminal acquisition isomery firewall after the security strategy configuration file of each firewall,
Further include:
The collection terminal chooses the current safety policy configuration file of each firewall in isomery firewall, as mesh
File is marked, and determines the corresponding target preceding document of the file destination, wherein the target preceding document and the file destination pair
The firewall answered is identical, and the target preceding document is to acquire before the file destination, and acquisition time is apart from the target
A nearest security strategy configuration file of the acquisition time of file;
The collection terminal file destination and the target preceding document;
If the file destination is different from the target preceding document, the collection terminal is by the file destination and the target
First distinctive information of preceding document is transmitted to the terminal device;
The terminal device determines the corresponding first object fire prevention of the file destination according to first distinctive information
Wall, and after getting the parsing result of the file destination of the resolver parsing, by the first object firewall
Parsing result be determined as the parsing result of the file destination.
Optionally, the security strategy combination for including in the security strategy configuration file is solved in the resolver
Analysis, after obtaining parsing result, further includes:
The resolver chooses the parsing result of current each security strategy configuration file, parses and ties as target
Fruit, and determine parsing result before the corresponding target of the target parsing result, wherein parsing result and the mesh before the target
It is identical to mark the corresponding firewall of parsing result, parsing result is that solution is completed before the target parsing result before the target
Analysis, and the completion for completing target parsing result described in parsing time gap parses a nearest parsing result of time;
Parsing result before the resolver target parsing result and the target;
If the target parsing result is different from parsing result before the target, the target is parsed and is tied by the resolver
The second distinctive information of parsing result is transmitted to the terminal device before fruit and the target;
The terminal device determines that corresponding second target of the target parsing result is anti-according to second distinctive information
Wall with flues, and the parsing result of the second target firewall is determined as the target parsing result.
Optionally, after extracting the characteristic information for including in each grouping in the resolver, further includes:
The terminal device obtains the characteristic information for including in each grouping;
The terminal device combine the characteristic information for including in each grouping with the security strategy in every peace
Full strategy matches, in order to pass through the security strategy of characteristic information match query.
The second aspect of the application provides a kind of system for managing isomery firewall, and the system comprises collection terminals, parsing
Device and terminal device;
Wherein, the collection terminal includes:
Acquisition module, for acquiring the security strategy configuration file of each firewall in isomery firewall, and described in reading
The identification information for including in security strategy configuration file;
Determining module, for determining the brand of the firewall by the identification information;
Calling module, for calling resolver corresponding with the brand of the firewall;
The resolver includes:
Parsing module is obtained for parsing to the security strategy combination for including in the security strategy configuration file
Parsing result;
The terminal device includes:
Display module, for obtaining the parsing result of each resolver, and according to the brand of the firewall and/or
IP address classification shows the parsing result.
Optionally, the determining module includes:
Determination unit determines the mark letter for the relationship according to identification information database identification information and brand
Corresponding brand is ceased, using the corresponding brand of the identification information as the brand of the firewall.
Optionally, the parsing module includes:
First acquisition unit, for obtaining the security strategy for including in security strategy configuration file combination;
Grouped element, for being grouped to security strategy combination, wherein each corresponding safety of the grouping
A security strategy in strategy combination;
Extraction unit, for extracting the characteristic information for including in each grouping;
Parsing result determination unit, for converting peace identical with preset describing mode for the characteristic information
Full strategy, by the security strategy identical with preset describing mode as parsing result.
Optionally, the collection terminal further include: the first determining module, the first comparison module and the first transmission module;It is described
Terminal device further include: the second determining module;
First determining module, the safe plan for each firewall in acquisition module acquisition isomery firewall
Slightly after configuration file, the current safety policy configuration file of each firewall in isomery firewall is chosen, as target
File, and determine the corresponding target preceding document of the file destination, wherein the target preceding document is corresponding with the file destination
Firewall it is identical, the target preceding document is to acquire before the file destination, and acquisition time is apart from target text
A nearest security strategy configuration file of the acquisition time of part;
First comparison module, for the file destination and the target preceding document;
First transmission module, for determining the file destination and the target preceding document not in first comparison module
With after, the first distinctive information of the file destination and the target preceding document is transmitted to the terminal device;
Second determining module, for determining the file destination corresponding first according to first distinctive information
Target firewall, and after getting the parsing result of the file destination of the resolver parsing, by first mesh
The parsing result of mark firewall is determined as the parsing result of the file destination.
Optionally, the resolver further include: third determining module, the second comparison module and the second transmission module;It is described
Terminal device further include: the 4th determining module;
The third determining module, in the parsing module to the safety for including in the security strategy configuration file
Strategy combination is parsed, and after obtaining parsing result, the parsing result of current each security strategy configuration file is chosen, by it
As target parsing result, and determine parsing result before the corresponding target of the target parsing result, wherein solve before the target
It is identical to analyse result firewall corresponding with the target parsing result, parsing result is to parse to tie in the target before the target
It completes to parse before fruit, and the parsing that the completion parsing time for completing target parsing result described in parsing time gap is nearest
As a result;
Second comparison module, for parsing result before the target parsing result and the target;
Second transmission module, for being solved before second comparison module determines the target parsing result and the target
After analysing result difference, the second distinctive information of parsing result before the target parsing result and the target is transmitted to described
Terminal device;
4th determining module, for determining that the target parsing result is corresponding according to second distinctive information
Second target firewall, and the parsing result of the second target firewall is determined as the target parsing result.
Optionally, the terminal device further include:
Second acquisition unit, for after the extraction unit extracts the characteristic information for including in each grouping,
Obtain the characteristic information for including in each grouping;
Matching unit, for every peace in combining the characteristic information for including in each grouping with the security strategy
Full strategy matches, in order to pass through the security strategy of characteristic information match query.
From the above technical scheme, the application provides a kind of method and system for managing isomery firewall, in this method,
The security strategy configuration file of each firewall in isomery firewall is acquired by collection terminal;The collection terminal passes through the safety
The identification information for including in policy configuration file determines the brand of the firewall, then calls the brand pair with the firewall
The resolver answered;The resolver parses the security strategy combination for including in the security strategy configuration file, obtains
Parsing result;Terminal device obtains the parsing result of each resolver, and according to the brand of the firewall and/or IP
Location classification shows the parsing result.
In method and system provided by the embodiments of the present application, collection terminal can acquire the safe plan of the firewall of different brands
Slightly configuration file, and resolver identical with the brand of firewall is called, then parsing result is transmitted to terminal device, so that respectively
The security strategy of a firewall is shown in the terminal device.That is, the application can collect in a terminal device
The security strategy of each firewall in middle display isomery firewall, therefore, method and system provided by the embodiments of the present application solve
In the prior art, it in checking isomery firewall when the security strategy of each firewall, needs multiple terminal devices and causes
Higher cost, and need successively to check multiple terminal devices, the problem of expending time and manpower.
Detailed description of the invention
In order to illustrate more clearly of the technical solution of the application, letter will be made to attached drawing needed in the embodiment below
Singly introduce, it should be apparent that, for those of ordinary skills, without creative efforts, also
Other drawings may be obtained according to these drawings without any creative labor.
Fig. 1 is a kind of method workflow schematic diagram for managing isomery firewall provided by the embodiments of the present application;
Fig. 2 is a kind of application scenarios schematic diagram for managing isomery firewall provided by the embodiments of the present application;
Fig. 3 is the application scenarios schematic diagram of another management isomery firewall provided by the embodiments of the present application;
Fig. 4 is in a kind of method for managing isomery firewall provided by the embodiments of the present application, and resolver is to the safe plan
The security strategy combination for slightly including in configuration file is parsed, and the workflow schematic diagram of parsing result is obtained;
Fig. 5 is to determine the work of parsing result in a kind of method for managing isomery firewall provided by the embodiments of the present application
Flow diagram;
Fig. 6 is to determine the work of parsing result in the method for another management isomery firewall provided by the embodiments of the present application
Make flow diagram;
Fig. 7 is the method workflow schematic diagram of another management isomery firewall provided by the embodiments of the present application;
Fig. 8 is a kind of system structure diagram for managing isomery firewall provided by the embodiments of the present application.
Specific embodiment
In order to solve in the prior art, in checking isomery firewall when the security strategy of each firewall, need multiple
Terminal device and the problem of lead to higher cost, and need successively to check multiple terminal devices, expend time and manpower, this Shen
Please a kind of method and system for managing isomery firewall are provided by following each embodiment.
The embodiment of the present application provides a kind of method for managing isomery firewall, and the method is applied to isomery firewall management
System, the management system include collection terminal, resolver and terminal device.Collection terminal, resolver and terminal in management system
Information transmission is able to carry out between equipment.
Referring to the workflow schematic diagram of Fig. 1, a kind of method managing isomery firewall provided by the embodiments of the present application, packet
Include following steps:
Step 101, collection terminal acquires the security strategy configuration file of each firewall in isomery firewall, and described in reading
The identification information for including in security strategy configuration file.
It is provided by the embodiments of the present application acquisition security strategy configuration file mode include two kinds, one way in which be by
The security strategy configuration file of each firewall imported into collection terminal;Another way is that collection terminal is prevented fires by network and isomery
Each firewall is connected in wall, directly acquires the security strategy configuration file of each firewall.
Step 102, the collection terminal determines the brand of the firewall by the identification information.
Usually using identification information as starting content in security strategy configuration file, then version, date or note are described
The information such as item of anticipating describe security strategy combination again later.Wherein, identification information can be symbol, or specific single
Word.Since the starting content of the firewall of different brands is different, i.e., identification information is different, so can be according to the mark of firewall
The difference of information, to determine the brand of firewall.
Step 103, the collection terminal calls resolver corresponding with the brand of the firewall.
Since the security strategy configuration file of the firewall of different brands has differences on describing mode, and same brand
Firewall security strategy configuration file used in describing mode feature having the same therefore can be according to each brand
The describing mode of the security strategy configuration file of firewall presets the corresponding resolver of firewall of each brand.Acquisition
After holding the brand for determining firewall, resolver corresponding with firewall brand can be called.
Step 104, the resolver parses the security strategy combination for including in the security strategy configuration file,
Obtain parsing result.
The corresponding resolver of the firewall of each brand according to preset rules, to the security strategy configuration file
It is parsed.A kind of parsing result provided by the embodiments of the present application is that security strategy is configured text using unified describing mode
The security strategy for including in part parses.For example, the firewall of firewall and B brand in isomery firewall comprising A brand,
Resolver the security strategy unification of two kinds of firewalls can be described with the describing mode of the firewall of A/B brand, alternatively,
It is unified to be described with the describing mode of the firewall of C brand.
Step 105, terminal device obtains the parsing result of each resolver, and according to the brand of the firewall
And/or IP address classification shows the parsing result.
Terminal device obtains the parsing result of each resolver, and the parsing result of each resolver carries the parsing
As a result the brand of corresponding firewall, terminal device show the parsing further according to brand and/or the IP address classification of firewall
As a result.In the process, due to generally comprising one or more security strategy in the security strategy combination of each firewall, because
This, terminal device is that the security strategy of each firewall parsed distributes an ID, the security strategy of each firewall
Quantity is identical as the quantity of ID to primarily serve the effect for identifying each security strategy.
The embodiment of the present application provides a kind of method for managing isomery firewall, this method by step 101 to step 105
In, collection terminal acquires the security strategy configuration file of each firewall in isomery firewall;The collection terminal passes through the safety
The identification information for including in policy configuration file determines the brand of the firewall, then calls the brand pair with the firewall
The resolver answered;The resolver parses the security strategy combination for including in the security strategy configuration file, obtains
Parsing result;Terminal device obtains the parsing result of each resolver, and according to the brand of the firewall and/or IP
Location classification shows the parsing result.
In method provided by the embodiments of the present application, collection terminal can acquire the security strategy configuration of the firewall of different brands
File, and resolver identical with the brand of firewall is called, then parsing result is transmitted to terminal device, so that each fire prevention
The security strategy of wall is shown in the terminal device.That is, the application can in a terminal device centralized displaying
The security strategy of each firewall in isomery firewall.And in the prior art, generally require multiple terminal devices.Prior art phase
Than the embodiment of the present application reduces the quantity of terminal device.In addition, although the embodiment of the present application increases collection terminal and parsing
Device, but the cost of collection terminal and resolver is less for terminal device.Therefore, method solution provided by the embodiments of the present application
It has determined in the prior art, in checking isomery firewall when the security strategy of each firewall, has needed multiple terminal devices and lead
The problem of causing higher cost.
In addition, in the prior art, generally require successively to check that multiple terminal devices could obtain each in isomery firewall
The security strategy of firewall, takes considerable time and manpower.And use method provided by the embodiments of the present application, it is only necessary to check one
A terminal device can obtain the security strategy of each firewall in isomery firewall, solve consuming existing in the prior art
The problem of time and manpower.
For example, including the firewall of 3 different brands, 3 different brands in isomery firewall in a certain application scenarios
Firewall be connected with collection terminal, collection terminal is connected with resolver, wherein resolver A is identical as the brand of firewall A,
Resolver B is identical as the brand of firewall B, and resolver C is identical as the brand of firewall C.In addition, resolver is and terminal device
It is connected.
Schematic diagram shown in Figure 2, if managing isomery firewall, collection terminal according to method provided by the embodiments of the present application
It acquires the security strategy configuration file of each firewall, after the brand for determining each firewall, calls resolver A parsing fire prevention
The security strategy for including in the security strategy configuration file of wall A calls the security strategy of resolver B parsing firewall B to configure text
The security strategy for including in part calls the security strategy for including in the security strategy configuration file of resolver C parsing firewall C,
Finally, showing parsing result in terminal device.
According to foregoing description it is found that it is provided by the embodiments of the present application management isomery firewall method, can be an end
In end equipment in centralized displaying isomery firewall each firewall security strategy, solve in the prior art, multiple terminals are set
Standby higher cost, and the problem of expending time and manpower, is successively checked caused by multiple terminal devices.
It include 3 firewalls, the wherein product of firewall A1 and firewall A2 in isomery firewall in another application scene
Board is identical, and the brand of firewall B is different from the brand of firewall A1, and collection terminal is connected with resolver, wherein resolver A's
Identical as the brand of firewall A1, then resolver A's is also identical as the brand of firewall A2, the brand and firewall B of resolver B
Brand it is identical.In addition, resolver is connected with terminal device.
Schematic diagram shown in Figure 3, if managing isomery firewall, collection terminal according to method provided by the embodiments of the present application
It acquires the security strategy configuration file of each firewall, after the brand for determining each firewall, calls resolver A parsing fire prevention
The security strategy for including in the security strategy configuration file of wall A1 and firewall A2 calls the safety of resolver B parsing firewall B
The security strategy for including in policy configuration file, finally, showing parsing result in terminal device.
According to foregoing description it is found that call resolver quantity be smaller than or equal to firewall quantity.If having two
The brand of a or more than two firewalls is identical, then the quantity for the firewall that collection terminal calls is less than the quantity of firewall, herein
In the case of, the security strategy for the firewall that terminal device obtains in a certain resolver is the security strategy of multiple firewalls, this
When, it can be by the IP address of the corresponding firewall of security strategy, by the safe plan of the firewall of same brand different IP addresses
It is slightly distinguish, finally, the parsing result of each resolver is still shown in same terminal device, solved in the prior art,
The higher cost of multiple terminal devices, and the problem of expending time and manpower, is successively checked caused by multiple terminal devices.
In a step 102, the operation that the brand of the firewall is determined by the identification information is disclosed.The application is real
In a kind of mode for applying example offer, the collection terminal determines the brand of the firewall by the identification information, comprising:
The collection terminal determines the identification information pair according to the relationship of identification information database identification information and brand
The brand answered, using the corresponding brand of the identification information as the brand of the firewall.
It is different according to the corresponding identification information of the firewall of different brands, establish identification information database.In identification information
In database, the brand of identification information and firewall is corresponded, then identification information database is directed into collection terminal.When adopting
After collection end gets the identification information of security strategy configuration file, the mark letter can be determined according to identification information database
Cease corresponding brand.
Schematic diagram shown in Figure 4, the resolver is to the security strategy for including in the security strategy configuration file
Combination is parsed, and parsing result is obtained, comprising:
Step 201, the resolver obtains the security strategy combination for including in the security strategy configuration file.
It is combined in security strategy configuration file comprising identification information and security strategy, the safe plan of the firewall of same brand
Slightly file describing mode is identical, wherein identification information and the describing mode of security strategy combination have differences.Therefore, resolver
According to the difference of the describing mode of security strategy combination and the describing mode of identification information, and the describing mode with other information
Difference, by security strategy combination select come.
Step 202, the resolver is grouped security strategy combination, wherein each corresponding institute of the grouping
State a security strategy in security strategy combination.
Each firewall respectively corresponds a security strategy configuration file in isomery firewall, in security strategy configuration file
It is combined comprising a security strategy, and includes different security strategies in security strategy combination, resolver is according to security strategy
Security strategy combination is grouped by describing mode.For example, it is assumed that every security strategy is starting with a certain fixed word, and
And every security strategy does not occur in other positions in addition to starting word, then using the fixation word as mark, from one
Fixed word starts, and terminates before to next fixed word, between as a grouping, the corresponding safe plan of a grouping
A security strategy slightly in combination.
Step 203, the resolver extracts the characteristic information for including in each grouping.
In this step, characteristic information includes source domain, purpose domain, source IP, destination IP and information on services.Wherein, source IP refers to
Security strategy is capable of the source IP addresses of matched data packet, and destination IP refers to that security strategy is capable of the purpose of matched data packet
IP address.If a certain data packet derives from extranets, when it passes through firewall access intranet, firewall utilizes data packet
In the information such as source domain, purpose domain, source IP and destination IP, the security strategy of firewall is matched, if data packet matched arrive firewall
In a security strategy, then firewall executes the forwarding of data packet according to the information on services in security strategy or abandons dynamic
Make.In the process, data packet is needed to match with the characteristic information in security strategy, it is mutual to the network across firewall to realize
Visit is controlled.
Since the describing mode of the security strategy of the firewall of same brand is identical, the firewall of same brand is in safe plan
If slightly there is dry type on describing mode, extracting rule corresponding with describing mode type is preset in resolver, is solved
Parser selects the extraction of correspondingly extracting rule progress characteristic information according to the describing mode type of each grouping.
Step 204, the characteristic information is converted safety identical with preset describing mode by the resolver
Strategy, by the security strategy identical with preset describing mode as parsing result.
In this step, need to preset a kind of description rule corresponding with specific describing mode, the description rule energy
It is enough to convert characteristic information to for security strategy identical with preset describing mode.Each firewall in isomery firewall
Security strategy characteristic information be extracted after, resolver utilize specific description rule, convert characteristic information to
Security strategy identical with preset describing mode enables the security strategy of each firewall to concentrate and is showed in terminal
Equipment.
Schematic diagram shown in Figure 5, in a kind of mode of determining parsing result provided by the embodiments of the present application, described
Collection terminal acquires in isomery firewall after the security strategy configuration file of each firewall, further includes:
Step 301, the collection terminal chooses the current safety policy configuration file of each firewall in isomery firewall, will
It determines the corresponding target preceding document of the file destination as file destination, wherein the target preceding document and the mesh
The corresponding firewall of mark file is identical, and the target preceding document is acquires before the file destination, and acquisition time distance
A nearest security strategy configuration file of the acquisition time of the file destination.
Step 302, whether the collection terminal file destination and the target preceding document are identical.
In this step, the file destination is carried out first compared with the text of the target preceding document, if the target is literary
Part is identical as the target preceding document, then file destination is saved and made backup file by collection terminal, records file destination
Acquisition time and corresponding firewall information.In addition, collection terminal continues to acquire next security strategy configuration file as target
File.If the file destination is different from the target preceding document, the operation of step 303 is executed.
Step 303, if the file destination is different from the target preceding document, the collection terminal by the file destination with
First distinctive information of the target preceding document is transmitted to the terminal device.
Compare due to having carried out text first, if the file destination is different from the target preceding document, that is, text
It has differences, text difference is the first distinctive information of file destination and target preceding document, and collection terminal passes the first distinctive information
Terminal device is transported to, informs that the security strategy configuration file of some firewall of terminal device changes, is done convenient for terminal device
It correspondingly indicates out.
Step 304, the terminal device determines corresponding first mesh of the file destination according to first distinctive information
Firewall is marked, and after getting the parsing result of the file destination of the resolver parsing, by the first object
The parsing result of firewall is determined as the parsing result of the file destination.
After first distinctive information is transmitted to terminal device by collection terminal, collection terminal call correspondingly resolver to mesh
Mark file is parsed, and the parsing result of file destination is transmitted to terminal device by resolver, and terminal device prevents first object
The parsing result of wall with flues is substituted for the parsing result of file destination.
Schematic diagram shown in Figure 6, it is provided by the embodiments of the present application another determine parsing result mode in, in institute
Resolver is stated to parse the security strategy combination for including in the security strategy configuration file, after obtaining parsing result,
Further include:
Step 401, the resolver chooses the parsing result of current each security strategy configuration file, as target
Parsing result, and determine parsing result before the corresponding target of the target parsing result, wherein before the target parsing result with
The corresponding firewall of the target parsing result is identical, and parsing result is complete before the target parsing result before the target
At parsing, and complete the parsing result of the completion parsing time of target parsing result described in parsing time gap recently.
Step 402, the resolver target parsing result and parsing result before the target.
In this step, target parsing result is the parsing of the security strategy configuration file of a firewall in isomery firewall
As a result, including a plurality of security strategy identical with preset describing mode in the parsing result, resolver is in relatively target
Before parsing result and the target when parsing result, a security strategy in target parsing result is chosen, successively and before target
Security strategy in parsing result compares, and after the completion of comparing, then chooses another security strategy in target parsing result, successively
Compared with the security strategy before target in parsing result, is recycled and compared with this.
If target parsing result is identical as parsing result before target, target parsing result is saved and is made by resolver
Backup result, the completion parsing time of record target parsing result and corresponding firewall information.In addition, resolver continues to choose
The parsing result of next security strategy configuration file is as target parsing result.If the target parsing result and the target
Preceding parsing result is different, executes the operation of step 403.
Step 403, if the target parsing result is different from parsing result before the target, the resolver is by the mesh
The second distinctive information of parsing result is transmitted to the terminal device before mark parsing result and the target.
There are a variety of situations, the embodiment of the present application to provide for parsing result difference before the target parsing result and the target
A kind of situation be that a security strategy before in target parsing result a security strategy and target in parsing result is not
Together, then resolver is transmitted to terminal device using security strategy different in target parsing result as the second distinctive information, informs
The security strategy configuration file of some firewall of terminal device changes, and makes convenient for terminal device and correspondingly indicating.
Step 404, the terminal device determines the target parsing result corresponding according to second distinctive information
Two target firewalls, and the parsing result of the second target firewall is determined as the target parsing result.
After second distinctive information is transmitted to terminal device by resolver, terminal device is by first object firewall
Parsing result is substituted for the parsing result of file destination.
Schematic diagram shown in Figure 7, the method for another management isomery firewall provided by the embodiments of the present application, packet
It includes:
Step 501, collection terminal acquires the security strategy configuration file of each firewall in isomery firewall, and described in reading
The identification information for including in security strategy configuration file.
Step 502, the collection terminal determines the brand of the firewall by the identification information.
Step 503, the collection terminal calls resolver corresponding with the brand of the firewall.
Step 504, the resolver obtains the security strategy combination for including in the security strategy configuration file.
Step 505, the resolver is grouped security strategy combination, wherein each corresponding institute of the grouping
State a security strategy in security strategy combination.
Step 506, the resolver extracts the characteristic information for including in each grouping.
Step 507, the terminal device obtains the characteristic information for including in each grouping.
Step 508, the terminal device combines the characteristic information for including in each grouping with the security strategy
In every security strategy match, in order to pass through the security strategy of characteristic information match query.
In this step, every security strategy is assigned with correspondingly ID in security strategy combination, by ID, security strategy and spy
Reference breath associates, due to including multiple features in characteristic information, in association process, not only by spy each in characteristic information
Sign is associated with security strategy, also that characteristic information is associated with security strategy as a whole.It carries out on the terminal device
, not only can be according to the brand and/or IP address of firewall when query safe strategy, it can also ID, spy according to security strategy
Any one feature carrys out query safe strategy in reference breath, can also be according to the query composition security strategy of characteristic information, with this
Realize the security strategy for passing through characteristic information match query.
Wherein, step 501 is to the specific operation process of step 503 and the specific operation process phase of step 101 to step 103
Together, step 504 is identical to the specific operation process of step 506 and the specific operation process of step 201 to step 203, can be mutual
Reference, details are not described herein again.
Following is the application Installation practice, can be used for executing the application embodiment of the method.It is real for the application device
Undisclosed details in example is applied, the application embodiment of the method is please referred to.
Referring to structural schematic diagram shown in Fig. 8, a kind of system packet managing isomery firewall provided by the embodiments of the present application
Include collection terminal, resolver and terminal device.
Wherein, the collection terminal includes:
Acquisition module 100 for acquiring the security strategy configuration file of each firewall in isomery firewall, and reads institute
State the identification information for including in security strategy configuration file.
Determining module 200, for determining the brand of the firewall by the identification information.
Calling module 300, for calling resolver corresponding with the brand of the firewall.
The resolver includes:
Parsing module 400 is obtained for parsing to the security strategy combination for including in the security strategy configuration file
To parsing result.
The terminal device includes:
Display module 500, for obtaining the parsing result of each resolver, and according to the brand of the firewall
And/or IP address classification shows the parsing result.
Optionally, the determining module includes:
Determination unit determines the mark letter for the relationship according to identification information database identification information and brand
Corresponding brand is ceased, using the corresponding brand of the identification information as the brand of the firewall.
Optionally, the parsing module includes:
First acquisition unit, for obtaining the security strategy for including in security strategy configuration file combination.
Grouped element, for being grouped to security strategy combination, wherein each corresponding safety of the grouping
A security strategy in strategy combination.
Extraction unit, for extracting the characteristic information for including in each grouping.
Parsing result determination unit, for converting peace identical with preset describing mode for the characteristic information
Full strategy, by the security strategy identical with preset describing mode as parsing result.
Optionally, the collection terminal further include: the first determining module, the first comparison module and the first transmission module;It is described
Terminal device further include: the second determining module.
First determining module, the safe plan for each firewall in acquisition module acquisition isomery firewall
Slightly after configuration file, the current safety policy configuration file of each firewall in isomery firewall is chosen, as target
File, and determine the corresponding target preceding document of the file destination, wherein the target preceding document is corresponding with the file destination
Firewall it is identical, the target preceding document is to acquire before the file destination, and acquisition time is apart from target text
A nearest security strategy configuration file of the acquisition time of part.
First comparison module, for the file destination and the target preceding document.
First transmission module, for determining the file destination and the target preceding document not in first comparison module
With after, the first distinctive information of the file destination and the target preceding document is transmitted to the terminal device.
Second determining module, for determining the file destination corresponding first according to first distinctive information
Target firewall, and after getting the parsing result of the file destination of the resolver parsing, by first mesh
The parsing result of mark firewall is determined as the parsing result of the file destination.
Optionally, the resolver further include: third determining module, the second comparison module and the second transmission module;It is described
Terminal device further include: the 4th determining module.
The third determining module, in the parsing module to the safety for including in the security strategy configuration file
Strategy combination is parsed, and after obtaining parsing result, the parsing result of current each security strategy configuration file is chosen, by it
As target parsing result, and determine parsing result before the corresponding target of the target parsing result, wherein solve before the target
It is identical to analyse result firewall corresponding with the target parsing result, parsing result is to parse to tie in the target before the target
It completes to parse before fruit, and the parsing that the completion parsing time for completing target parsing result described in parsing time gap is nearest
As a result.
Second comparison module, for parsing result before the target parsing result and the target.
Second transmission module, for being solved before second comparison module determines the target parsing result and the target
After analysing result difference, the second distinctive information of parsing result before the target parsing result and the target is transmitted to described
Terminal device.
4th determining module, for determining that the target parsing result is corresponding according to second distinctive information
Second target firewall, and the parsing result of the second target firewall is determined as the target parsing result.
Optionally, the terminal device further include:
Second acquisition unit, for after the extraction unit extracts the characteristic information for including in each grouping,
Obtain the characteristic information for including in each grouping.
Matching unit, for every peace in combining the characteristic information for including in each grouping with the security strategy
Full strategy matches, in order to pass through the security strategy of characteristic information match query.
In the specific implementation, the application also provides a kind of computer storage medium, wherein the computer storage medium can store
There is program, which may include the portion in a kind of each embodiment of method for managing isomery firewall provided by the present application when executing
Point or Overall Steps.The storage medium can be magnetic disk, CD, read-only memory (English: read-only
Memory, referred to as: ROM) or random access memory (English: random access memory, referred to as: RAM) etc..
It is required that those skilled in the art can be understood that the technology in the embodiment of the present application can add by software
The mode of general hardware platform realize.Based on this understanding, the technical solution in the embodiment of the present application substantially or
Say that the part that contributes to existing technology can be embodied in the form of software products, which can deposit
Storage is in storage medium, such as ROM/RAM, magnetic disk, CD, including some instructions are used so that computer equipment (can be with
It is personal computer, server or the network equipment etc.) execute certain part institutes of each embodiment of the application or embodiment
The method stated.
Same and similar part may refer to each other between each embodiment in this specification.Implement especially for device
For example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring in embodiment of the method
Explanation.
Combine detailed description and exemplary example that the application is described in detail above, but these explanations are simultaneously
It should not be understood as the limitation to the application.It will be appreciated by those skilled in the art that without departing from the application spirit and scope,
A variety of equivalent substitution, modification or improvements can be carried out to technical scheme and embodiments thereof, these each fall within the application
In the range of.The protection scope of the application is determined by the appended claims.
Claims (12)
1. a kind of method for managing isomery firewall characterized by comprising
Collection terminal acquires the security strategy configuration file of each firewall in isomery firewall, and reads the security strategy configuration
The identification information for including in file;
The collection terminal determines the brand of the firewall by the identification information;
The collection terminal calls resolver corresponding with the brand of the firewall;
The resolver parses the security strategy combination for including in the security strategy configuration file, obtains parsing knot
Fruit;
Terminal device obtains the parsing result of each resolver, and according to the brand of the firewall and/or IP address point
Class shows the parsing result.
2. the method according to claim 1, wherein the collection terminal determined by the identification information it is described anti-
The brand of wall with flues, comprising:
The collection terminal determines that the identification information is corresponding according to the relationship of identification information database identification information and brand
Brand, using the corresponding brand of the identification information as the brand of the firewall.
3. the method according to claim 1, wherein the resolver in the security strategy configuration file to wrapping
The security strategy combination contained is parsed, and parsing result is obtained, comprising:
The resolver obtains the security strategy combination for including in the security strategy configuration file;
The resolver is grouped security strategy combination, wherein each corresponding security strategy group of the grouping
A security strategy in conjunction;
The resolver extracts the characteristic information for including in each grouping;
The characteristic information is converted security strategy identical with preset describing mode by the resolver, will it is described with
The identical security strategy of preset describing mode is as parsing result.
4. the method according to claim 1, wherein each fire prevention in collection terminal acquisition isomery firewall
After the security strategy configuration file of wall, further includes:
The collection terminal chooses the current safety policy configuration file of each firewall in isomery firewall, as target text
Part, and determine the corresponding target preceding document of the file destination, wherein the target preceding document is corresponding with the file destination
Firewall is identical, and the target preceding document is to acquire before the file destination, and acquisition time is apart from the file destination
The nearest security strategy configuration file of acquisition time;
The collection terminal file destination and the target preceding document;
If the file destination is different from the target preceding document, the collection terminal by the file destination and the target above
First distinctive information of part is transmitted to the terminal device;
The terminal device determines the corresponding first object firewall of the file destination according to first distinctive information, and
After getting the parsing result of the file destination of the resolver parsing, by the parsing of the first object firewall
As a result it is determined as the parsing result of the file destination.
5. the method according to claim 1, wherein in the resolver in the security strategy configuration file
The security strategy combination for including is parsed, after obtaining parsing result, further includes:
The resolver chooses the parsing result of current each security strategy configuration file, as target parsing result, and
Determine parsing result before the corresponding target of the target parsing result, wherein parsing result and the target solution before the target
It is identical to analyse the corresponding firewall of result, parsing result is the completion parsing before the target parsing result before the target, and
Complete the parsing result of the completion parsing time of target parsing result described in parsing time gap recently;
Parsing result before the resolver target parsing result and the target;
If the target parsing result is different from parsing result before the target, the resolver by the target parsing result with
The second distinctive information of parsing result is transmitted to the terminal device before the target;
The terminal device determines the corresponding second target fire prevention of the target parsing result according to second distinctive information
Wall, and the parsing result of the second target firewall is determined as the target parsing result.
6. according to the method described in claim 3, it is characterized in that, being extracted in each grouping in the resolver and including
After characteristic information, further includes:
The terminal device obtains the characteristic information for including in each grouping;
The terminal device combine the characteristic information for including in each grouping with the security strategy in every safe plan
Slightly match, in order to pass through the security strategy of characteristic information match query.
7. a kind of system for managing isomery firewall, which is characterized in that the system comprises collection terminal, resolver and terminals to set
It is standby;
Wherein, the collection terminal includes:
Acquisition module for acquiring the security strategy configuration file of each firewall in isomery firewall, and reads the safety
The identification information for including in policy configuration file;
Determining module, for determining the brand of the firewall by the identification information;
Calling module, for calling resolver corresponding with the brand of the firewall;
The resolver includes:
Parsing module is parsed for parsing to the security strategy combination for including in the security strategy configuration file
As a result;
The terminal device includes:
Display module, for obtaining the parsing result of each resolver, and according to the brand of the firewall and/or IP
Location classification shows the parsing result.
8. system according to claim 7, which is characterized in that the determining module includes:
Determination unit determines the identification information pair for the relationship according to identification information database identification information and brand
The brand answered, using the corresponding brand of the identification information as the brand of the firewall.
9. system according to claim 7, which is characterized in that the parsing module includes:
First acquisition unit, for obtaining the security strategy for including in security strategy configuration file combination;
Grouped element, for being grouped to security strategy combination, wherein each corresponding security strategy of the grouping
A security strategy in combination;
Extraction unit, for extracting the characteristic information for including in each grouping;
Parsing result determination unit, for converting safe plan identical with preset describing mode for the characteristic information
Slightly, by the security strategy identical with preset describing mode as parsing result.
10. system according to claim 7, which is characterized in that the collection terminal further include: the first determining module, first
Comparison module and the first transmission module;The terminal device further include: the second determining module;
First determining module, the security strategy for each firewall in acquisition module acquisition isomery firewall are matched
After setting file, the current safety policy configuration file of each firewall in isomery firewall is chosen, as file destination,
And determine the corresponding target preceding document of the file destination, wherein the target preceding document is corresponding with the file destination anti-
Wall with flues is identical, and the target preceding document is to acquire before the file destination, and acquisition time is apart from the file destination
A nearest security strategy configuration file of acquisition time;
First comparison module, for the file destination and the target preceding document;
First transmission module, for first comparison module determine the file destination it is different from the target preceding document it
Afterwards, the first distinctive information of the file destination and the target preceding document is transmitted to the terminal device;
Second determining module, for determining the corresponding first object of the file destination according to first distinctive information
Firewall, and after getting the parsing result of the file destination of the resolver parsing, the first object is prevented
The parsing result of wall with flues is determined as the parsing result of the file destination.
11. system according to claim 7, which is characterized in that the resolver further include: third determining module, second
Comparison module and the second transmission module;The terminal device further include: the 4th determining module;
The third determining module, in the parsing module to the security strategy for including in the security strategy configuration file
Combination is parsed, and after obtaining parsing result, chooses the parsing result of current each security strategy configuration file, as
Target parsing result, and determine parsing result before the corresponding target of the target parsing result, wherein knot is parsed before the target
Fruit firewall corresponding with the target parsing result is identical, before the target parsing result be the target parsing result it
Preceding completion parsing, and the completion for completing target parsing result described in parsing time gap parses time nearest parsing knot
Fruit;
Second comparison module, for parsing result before the target parsing result and the target;
Second transmission module is tied for parsing before second comparison module determines the target parsing result and the target
After fruit is different, the second distinctive information of parsing result before the target parsing result and the target is transmitted to the terminal
Equipment;
4th determining module, for determining the target parsing result corresponding second according to second distinctive information
Target firewall, and the parsing result of the second target firewall is determined as the target parsing result.
12. system according to claim 9, which is characterized in that the terminal device further include:
Second acquisition unit, for obtaining after the extraction unit extracts the characteristic information for including in each grouping
The characteristic information for including in each grouping;
Matching unit, for every safe plan in combining the characteristic information for including in each grouping with the security strategy
Slightly match, in order to pass through the security strategy of characteristic information match query.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810399642.1A CN109413017B (en) | 2018-04-28 | 2018-04-28 | Method and system for managing heterogeneous firewall |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810399642.1A CN109413017B (en) | 2018-04-28 | 2018-04-28 | Method and system for managing heterogeneous firewall |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109413017A true CN109413017A (en) | 2019-03-01 |
| CN109413017B CN109413017B (en) | 2020-07-31 |
Family
ID=65464050
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810399642.1A Active CN109413017B (en) | 2018-04-28 | 2018-04-28 | Method and system for managing heterogeneous firewall |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109413017B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110266654A (en) * | 2019-05-29 | 2019-09-20 | 国网思极网安科技(北京)有限公司 | A kind of method and electronic equipment based on security domain analysis of strategies |
| CN111970275A (en) * | 2020-08-14 | 2020-11-20 | 中国工商银行股份有限公司 | Data processing method, device, computing equipment and medium |
| CN114338162A (en) * | 2021-12-28 | 2022-04-12 | 奇安信科技集团股份有限公司 | Security policy management method and device, electronic device and storage medium |
| CN114640522A (en) * | 2022-03-18 | 2022-06-17 | 广东润联信息技术有限公司 | Processing method, device, equipment and storage medium of firewall security policy |
| CN117220998A (en) * | 2023-10-23 | 2023-12-12 | 北京睿航至臻科技有限公司 | Firewall policy unified normalization method |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100904557B1 (en) * | 2008-11-20 | 2009-06-25 | 주식회사 이글루시큐리티 | Unification management system for different types of firewalls and method therof |
| CN102413012A (en) * | 2011-11-21 | 2012-04-11 | 上海交通大学 | System for automatically analyzing computer network connectivity |
| CN103577307A (en) * | 2013-11-07 | 2014-02-12 | 浙江中烟工业有限责任公司 | Method for automatically extracting and analyzing firewall logs based on XML rule model |
| US9009779B2 (en) * | 2010-11-12 | 2015-04-14 | Content Watch, Inc. | Methods related to network access redirection and control and devices and systems utilizing such methods |
| CN104580078A (en) * | 2013-10-15 | 2015-04-29 | 北京神州泰岳软件股份有限公司 | Network access control method and system |
| CN105721188A (en) * | 2014-12-04 | 2016-06-29 | 北京神州泰岳信息安全技术有限公司 | Firewall strategy check method and system |
| CN105812326A (en) * | 2014-12-29 | 2016-07-27 | 北京网御星云信息技术有限公司 | Heterogeneous firewall strategy centralized control method and heterogeneous firewall strategy centralized control system |
| CN105897660A (en) * | 2015-01-14 | 2016-08-24 | 柳州尚龙电器有限公司 | Security guarantee system for electronic commerce |
| CN107872432A (en) * | 2016-09-26 | 2018-04-03 | 中国电信股份有限公司 | Isomery cloud platform security strategy Explore of Unified Management Ideas, device and system |
-
2018
- 2018-04-28 CN CN201810399642.1A patent/CN109413017B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100904557B1 (en) * | 2008-11-20 | 2009-06-25 | 주식회사 이글루시큐리티 | Unification management system for different types of firewalls and method therof |
| US9009779B2 (en) * | 2010-11-12 | 2015-04-14 | Content Watch, Inc. | Methods related to network access redirection and control and devices and systems utilizing such methods |
| CN102413012A (en) * | 2011-11-21 | 2012-04-11 | 上海交通大学 | System for automatically analyzing computer network connectivity |
| CN104580078A (en) * | 2013-10-15 | 2015-04-29 | 北京神州泰岳软件股份有限公司 | Network access control method and system |
| CN103577307A (en) * | 2013-11-07 | 2014-02-12 | 浙江中烟工业有限责任公司 | Method for automatically extracting and analyzing firewall logs based on XML rule model |
| CN105721188A (en) * | 2014-12-04 | 2016-06-29 | 北京神州泰岳信息安全技术有限公司 | Firewall strategy check method and system |
| CN105812326A (en) * | 2014-12-29 | 2016-07-27 | 北京网御星云信息技术有限公司 | Heterogeneous firewall strategy centralized control method and heterogeneous firewall strategy centralized control system |
| CN105897660A (en) * | 2015-01-14 | 2016-08-24 | 柳州尚龙电器有限公司 | Security guarantee system for electronic commerce |
| CN107872432A (en) * | 2016-09-26 | 2018-04-03 | 中国电信股份有限公司 | Isomery cloud platform security strategy Explore of Unified Management Ideas, device and system |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110266654A (en) * | 2019-05-29 | 2019-09-20 | 国网思极网安科技(北京)有限公司 | A kind of method and electronic equipment based on security domain analysis of strategies |
| CN111970275A (en) * | 2020-08-14 | 2020-11-20 | 中国工商银行股份有限公司 | Data processing method, device, computing equipment and medium |
| CN114338162A (en) * | 2021-12-28 | 2022-04-12 | 奇安信科技集团股份有限公司 | Security policy management method and device, electronic device and storage medium |
| CN114640522A (en) * | 2022-03-18 | 2022-06-17 | 广东润联信息技术有限公司 | Processing method, device, equipment and storage medium of firewall security policy |
| CN114640522B (en) * | 2022-03-18 | 2024-04-16 | 华润智算科技(广东)有限公司 | Firewall security policy processing method, device, equipment and storage medium |
| CN117220998A (en) * | 2023-10-23 | 2023-12-12 | 北京睿航至臻科技有限公司 | Firewall policy unified normalization method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109413017B (en) | 2020-07-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109413017A (en) | A kind of method and system managing isomery firewall | |
| CN103023906B (en) | Method and system aiming at remote procedure calling conventions to perform status tracking | |
| US9178899B2 (en) | Detecting automated site scans | |
| US8051484B2 (en) | Method and security system for indentifying and blocking web attacks by enforcing read-only parameters | |
| CN103368957B (en) | Method and system that web page access behavior is processed, client, server | |
| US7454523B2 (en) | Geographic location determination including inspection of network address | |
| US10491618B2 (en) | Method and apparatus for website scanning | |
| CN103294950B (en) | A kind of high-power secret information stealing malicious code detecting method based on backward tracing and system | |
| CN109977690A (en) | A kind of data processing method, device and medium | |
| CN105721188A (en) | Firewall strategy check method and system | |
| JP2003216576A (en) | Method and system for monitoring weak points | |
| CN102316087A (en) | The detection method that network application is attacked | |
| JPH11143738A (en) | Supervisory method of computer system | |
| CN107528818B (en) | Data processing method and device for media file | |
| CN105610819B (en) | The method and apparatus of the query service of server info are provided | |
| CN109981587A (en) | A kind of network security monitoring traceability system based on APT attack | |
| US20210044420A1 (en) | Method for linking block-chain using hyper-chain, and apparatus therefor | |
| CN109753790A (en) | A kind of landing page monitoring method and system | |
| CN107835228A (en) | A kind of command processing method and device based on DYNAMIC GENERALIZED route | |
| CN109800571A (en) | Event-handling method and device and storage medium and electronic device | |
| Abbass et al. | Assessing the Internet of Things Security Risks. | |
| CN114024734B (en) | Intelligent network security detection and analysis system based on UEBA | |
| CN114465741B (en) | Abnormality detection method, abnormality detection device, computer equipment and storage medium | |
| CN103036895B (en) | A kind of status tracking method and system | |
| Yermalovich et al. | Formalization of attack prediction problem |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |